Location based authorization of financial card transactions systems and methods

ABSTRACT

Systems, methods, and software for identifying location based rules related to a network connected device are described. A network connected device may transmit a set of data identifying the location of the device and an identifier unique to the device to a server. The server may also receive an action request, wherein the action request is associated with the identifier. The server may select a rule in a database to address the action request, the rule applicable to the identifier and location of the device. Various embodiments related to financial card transactions, access to financial information, emergency services contact, and electronic message filtering are also addressed.

CROSS-REFERENCES TO RELATED APPLICATIONS

This application is a continuation of Application No. 11/219,219 (the“219 Application”), filed Sept. 2, 2005 by Gilman R. Stevens andentitled, “Location Based Authorization of Financial Card TransactionsSystems and Methods,” which is hereby incorporated by reference in itsentirety. The “219 application is related to the following U.S. patentapplications, the entire disclosures of which are hereby incorporated byreference: U.S. application Ser. No. 11/219,082 (now U.S. Pat. No.7,697,942), filed on Sept. 2, 2005 by Stevens, entitled “Location BasedRules Architecture Systems and Methods ”; U.S. application Ser. No.11/219,255, filed on Sept. 2, 2005 by Stevens, entitled “Location BasedAccess to Financial Information Systems and Methods”; U.S. applicationSer. No. 11/219,242, filed on Sept. 2, 2005 by Stevens, entitled“Location Based Information for Emergency Services Systems and Methods”; and U.S. application Ser. No. 11/219,283 (now U.S. Pat. No.7,487,170), filed on Sept. No. 2, 2005 by Stevens, entitled “LocationInformation for Avoiding Unwanted Communications Systems and Methods”.

BACKGROUND OF THE INVENTION

The present invention relates generally to electronic communications,and more specifically to the use of location based information incommunications networks.

GPS receivers and other location determination technology have advancedrapidly over the past few years. In addition, the chipsets associatedwith this location technology have gotten much smaller and less costly,with stamp size receivers becoming far more common. Certain applicationsfor this location based information are only now becoming possible and,thus, leveraging the size and cost improvements is only in the nascentstages. Communication networks, relational databases and computersystems represent other areas that have also seen significantadvancement in speed, price, and size. There are considerableopportunities for integration of location determination technology withthese different systems to provide new functionality.

There are a variety of problems for which location verificationtechnology could be used which may not be apparent at first glance. Forexample, credit and other financial card fraud is a significant problem.Many attempts have been made to address these issues, with varyingdegrees of success. However, with the rise of the Internet and theimprovements in communication, new fraud schemes are being created andevolving. Often, the financial card information is fraudulently used fora transaction at a different place than the physical location of thelegitimate card holder. There is, thus, need in the art to betterleverage location based technology to verify users and authorizetransactions of such financial cards.

Phishing is another fraud currently on the rise. Phishing is the act ofsending an e-mail to a user, wherein the sender falsely claims to be afinancial company or other organization. The e-mail directs the user tovisit a website where he or she is asked to update personal information,such as passwords, account numbers, credit cards, and social securitynumbers, that the legitimate organization already has. The website,however, is merely set up to defraud the unwary visitor intosurrendering private information. Often, the personal information isfraudulently used at a different location than the legitimate user.There is, thus, need in the art to better leverage location basedtechnology to verify and authenticate potential victims of Phishing andother such fraud schemes.

As mobile communication devices have proliferated, issues related to thereporting and request of emergency services have grown. A Public SafetyAnswering Point (“PSAP”) is an entity authorized to receive and respondto emergency calls in a local area. As mobile telephone serviceexpanded, the difficulty with routing calls to the proper PSAP became abigger issue. Enhanced 911 (E911) provides the ability to selectivelyroute calls to the proper PSAP based on the location of a caller. Thisis accomplished through the use of an Automatic Location Identification(“ALI”) database. However, as the number and variety of datacommunication devices have multiplied, there is an increasing need inthe art to leverage location based technology to provide improvedinformation and service to both emergency providers and users.

The Internet has spawned an exponential increase in electroniccommunications, but with this change there has also been a significantgrowth in unwanted communications. SPAM (mass e-mail), SPIM (masselectronic messaging), and SPIT (mass Internet telephony) are primeexamples of such unwanted communications. One reason for theproliferation of such unsolicited messages is the anonymity associatedwith electronic communications. This problem is exacerbated by the factthat the location of the sender is often unknown. There is, thus, a needin the art to leverage location based technology to verify theoriginating location of certain senders to limit such unwantedcommunications.

BRIEF SUMMARY OF THE INVENTION

Various embodiments of the invention provide systems, methods andsoftware for identifying location based rules related to a networkconnected device. According to some embodiments, a network connecteddevice receives a set of data identifying the location of the device,such as GPS coordinates. According to various embodiments, the set ofdata may be received by hardware. In different embodiments, hardware maybe integrated into, or detachable from, the device. The networkconnected device may then transmit, in a communications signal, the setof location data and an identifier unique to the device to a locationcomparison server. In alternative embodiments, the identifier maycomprise a MAC address, or an IP address. An identifier may also beassociated with a specific user. The server is in communication with thedevice and a database, and in some embodiments the server may comprisethe database.

The database may comprise a table of identifiers, each identifier in thetable unique to one of any number of electronic devices. According tosome embodiments, the table includes the identifier unique to thenetwork connected device. The database also may include a number ofrules dictating how an action request to be performed by a server shallbe performed. In various embodiments, the rules are applicable only to asubset of the identifiers in the table. The table may also include aplurality of geographic regions. In some embodiments, each geographicregion is associated with a rule, wherein the applicability of each ruleis limited to the geographic region associated with that rule. Thegeographic regions may be variable. In some embodiments, the databasemay store the set of location data. In still other embodiments, thetable may include associated account numbers, credit card numbers,financial information, or user information.

The server may be configured to receive an action request, wherein theaction request is associated with the identifier unique to the device.An action request may be initiated by the user of the device, or anotherperson or entity. In different embodiments, an action request maycomprise a request to allow access to resources of the server, a requestto validate a location, a request for the server to perform some otheraction (e.g, authentication, connection establishment, messageforwarding, etc.), or any other server function or action describedherein. According to some embodiments, the server may then process theaction request according to the applicable rule. To identify theapplicable rule, the server may correlate the action request to a ruleassociated with the action request which is applicable to the identifierunique to the device and the geographic region within which the deviceis located.

According to some embodiments, the action request is associated with alocation from which the action request originated, and the geographicregions are dependent on or determined by the originating location. Inone embodiment, a geographic region comprises an area within a specifieddistance of the originating location.

According to various embodiments, an action request may comprise arequest to authorize a transaction (such as credit card transaction), arequest to access information, a request for emergency services, or arequest to filter an electronic message. Accordingly, in someembodiments, rules to address the action requests may compriseauthorizing or denying a transaction, allowing or prohibiting access toinformation, forwarding a request for emergency services, or filteringan electronic message.

BRIEF DESCRIPTION OF THE DRAWINGS

A further understanding of the nature and advantages of the presentinvention may be realized by reference to the following drawings. In theappended figures, similar components or features may have the samereference label. Further, various components of the same type may bedistinguished by following the reference label by a dash and a secondlabel that distinguishes among the similar components. If only the firstreference label is used in the specification, the description isapplicable to any one of the similar components having the same firstreference label irrespective of the second reference label.

FIG. 1 illustrates a communications system that may be used to identifylocation based rules related to a network connected device according tovarious embodiments of the present invention.

FIG. 2 represents an example of a table illustrating the relationshipbetween certain factors that may be used to identify applicable locationbased rules related to a network connected device according to variousembodiments of the present invention.

FIG. 3A is a flow diagram that illustrates a system for identifyingapplicable location based rules related to a network connected deviceaccording to various embodiments of the present invention.

FIG. 3B is a flow diagram that illustrates an alternative system foridentifying applicable location based rules related to a networkconnected device according to various embodiments of the presentinvention.

FIG. 4A represents an example of a table illustrating the relationshipbetween certain factors, including the location of an action request,that may be used to identify applicable location based rules related toa network connected device according to various embodiments of thepresent invention.

FIG. 4B is a flow diagram that illustrates a system in which certainfactors, including the location of an action request, are used toidentify applicable location based rules related to a network connecteddevice according to various embodiments of the present invention.

FIG. 4C represents an example of a table illustrating how a location ofan action request may be used to identify applicable location basedrules related to a network connected device according to variousembodiments of the present invention.

FIG. 5 is a flow diagram that illustrates a method for identifyingapplicable location based rules related to a network connected deviceaccording to various embodiments of the present invention.

FIG. 6A illustrates a communications system that may be used toauthorize a transaction with a financial card based on the location of amobile communications device and the location of the transactionaccording to various embodiments of the present invention.

FIG. 6B represents an example of a table illustrating the relationshipbetween certain factors that may be used to authorize a transaction witha financial card according to various embodiments of the presentinvention.

FIG. 6C is a flow diagram that illustrates a system that may be used toauthorize a transaction with a financial card based on the location of amobile communications device and the location of the transactionaccording to various embodiments of the present invention.

FIG. 6D is a flow diagram that illustrates a method that may be used toauthorize a transaction with a financial card based on the location of amobile communications device and the location of the transactionaccording to various embodiments of the present invention.

FIG. 7A represents an example of a table illustrating the relationshipbetween certain factors that may be used to authorize a request toaccess financial information according to various embodiments of thepresent invention.

FIG. 7B is a flow diagram that illustrates a system that may be used toauthorize a request to access financial information based on thelocation of a mobile communications device and the location of thetransaction according to various embodiments of the present invention.

FIG. 7C is a flow diagram that illustrates a method that may be used toauthorize a request to access financial information based on thelocation of a mobile communications device and the location of thetransaction according to various embodiments of the present invention.

FIG. 8A is a flow diagram that illustrates a system that may be used forcontacting emergency services based on the location of a networkconnected device according to various embodiments of the presentinvention.

FIG. 8B represents an example of a table illustrating the relationshipbetween certain factors that may be used in contacting emergencyservices according to various embodiments of the present invention.

FIG. 8C is a flow diagram that illustrates a method that may be used toprovide for the contact with emergency services according to variousembodiments of the present invention.

FIG. 9A is a flow diagram that illustrates a system that allows aplurality of receivers to filter electronic messages based on thelocation of the sending device according to various embodiments of thepresent invention.

FIG. 9B represents an example of a table illustrating the relationshipbetween certain factors that may be used in filtering electronicmessages according to various embodiments of the present invention.

FIG. 9C is a flow diagram that illustrates a system that allows each ofa plurality of receivers to filter electronic messages based on thelocation and identification of the sending device according to variousembodiments of the present invention.

FIG. 9D represents an example of a table illustrating the relationshipbetween certain factors, including the location and identification ofthe sender, that may be used in filtering electronic messages accordingto various embodiments of the present invention.

FIG. 9E is a flow diagram that illustrates a method that may be used tofilter electronic messages to each of a plurality of receivers accordingto various embodiments of the present invention.

FIG. 10 is a schematic diagram that illustrates a representative devicestructure that may be used in various embodiments of the presentinvention.

DETAILED DESCRIPTION OF THE INVENTION

This description provides exemplary embodiments only, and is notintended to limit the scope, applicability or configuration of theinvention. Rather, the ensuing description of the embodiments willprovide those skilled in the art with an enabling description forimplementing embodiments of the invention. Various changes may be madein the function and arrangement of elements without departing from thespirit and scope of the invention as set forth in the appended claims.

Thus, various embodiments may omit, substitute, or add variousprocedures or components as appropriate. For instance, it should beappreciated that in alternative embodiments, the methods may beperformed in an order different than that described, and that varioussteps may be added, omitted or combined. Also, features described withrespect to certain embodiments may be combined in various otherembodiments. Different aspects and elements of the embodiments may becombined in a similar manner.

It should also be appreciated that the following rules be a component ofa larger system, wherein other rules may take precedence over orotherwise modify the application of the rules. Also, a number of stepsmay be required before the following rules are identified or applied. Byway of example, with access to financial information, other preventativemeasures and authorizations (e.g., passwords, encryption, biometrics,etc.) may be used in conjunction with or apart from the rules providingfor access to such financial information.

I. Overview: Various embodiments of the present invention provide novelsolutions, including systems, methods, and software, for identifyinglocation based rules related to a network connected device. According tosome embodiments, a network connected device receives a set of dataidentifying the location of the device, such as GPS coordinates. Thenetwork connected device may then transmit, in a communications signal,the set of location data and an identifier unique to the device to aserver. The server is in communication with the device and a database.

The database may comprise a table of identifiers, each identifier in thetable unique to one of any number of electronic devices. According tosome embodiments, the table includes the identifier unique to thenetwork connected device. The database also may include a number ofrules dictating how an action request to be performed by a server shallbe performed. In various embodiments, the rules are applicable only to asubset of the identifiers in the table. The table may also include aplurality of geographic regions. In some embodiments, each geographicregion is associated with a rule, wherein the applicability of each ruleis limited to the geographic region associated with that rule.

The server may be configured to receive an action request, wherein theaction request is associated with the identifier unique to the device.An action request may comprise a request to allow access to resources ofthe server, a request for the server to perform some other action (e.g.,authentication, connection establishment, message forwarding, etc.), orany other server function or action described herein. According to someembodiments, the server may then process the action request according tothe applicable rule. To identify the applicable rule, the server maycorrelate the action request to a rule associated with the actionrequest which is applicable to the identifier unique to the device andthe geographic region within which the device is located.

II. Broad System Architecture: FIG. 1 illustrates an example of aCommunications System 100 within which various embodiments of thepresent invention may be included. The System 100 may be comprised of aNetwork Connected Device 105, Location Comparison Server 110 (or “Server110” or “LC Server 110”), a Database 115, and an Action RequestOriginator 120.

The System 100 components may be directly connected, or may be connectedvia a Network 125, which may be any combination of the following: theInternet, an IP network, an intranet, a wide-area network (“WAN”), alocal-area network (“LAN”), a virtual private network, the PublicSwitched Telephone Network (“PSTN”), or any other type of networksupporting data communication between devices described herein, indifferent embodiments. The Network 125 may include both wired andwireless connections, including optical links. Many other examples arepossible and apparent to those skilled in the art in light of thisdisclosure. In the discussion that follows, the Network 125 may or maynot be noted specifically. If no specific means of connection is noted,it may be assumed that the link, communication or other connectionbetween devices may be via a Network 125.

1. Network Connected Device: A Network Connected Device 105 may becomprised of any of the following examples of a network connecteddevice: a server, a personal computer, a workstation, a web server, amainframe, a router, a switch, an access point, a cellular phone, a VoIPphone, a personal digital assistant, a pager, a text messaging device, alaptop, a portable digital music player, a two way radio, any computingdevice, or other device that transmits data signals, or other signalsthat contain data. A Device 105 communicates with a Network 125 or anycomponent thereof, and the connection of the Device 105 and Network 125may be via any wired, wireless, or other connection.

The Device 105 may be configured to receive a set of data identifyingthe location of the Device 105. The Device 125 may be directly orindirectly coupled with a receiver component which enables the receptionof location based information, also referred to herein as “set of dataidentifying the location” or “location based data.” The location basedinformation may be received by hardware configured to receive the set ofdata identifying the location of the device. The receiver may be coupledwith the Mobile Communications Device 105 in any suitable manner knownin the art. By way of example, it may be an integrated component or maybe a stand alone receiver otherwise communicating with the Device 105.In some embodiments, the hardware may be removable from the device, andthen coupled with another network connected device to provide similarfunctionality without reconfiguration of the hardware. An example ofsuch a component is a GPS receiver communicatively coupled with theDevice 105 with a USB connection. In other embodiments, the hardwareconfigured to receive the set of data identifying the location of theDevice 105 may comprise other GPS receiver configurations. Therefore,the location based information may comprise GPS coordinates. A receivermay, alternatively, comprise any other combination of hardware andsoftware to achieve the functionality described above.

The location based information may be in the form of Satellite 130location information, cellular location information, network analysis oflocation information, location information specific to a building, orother means for location determination. The location based informationmay be based on triangulation using cellular towers or access points.The location based information may be GPS coordinates or any other GPSrelated location information. Alternatively, cellular carriers mayemploy other means of locating cellular telephones and other mobilecomputing devices using cellular towers. By way of example, the timedifference of arrival, angle of arrival, and location pattern matchingmethods are well known in the art as alternative means of obtaininglocation information. Additionally, any combination of the above may beused as well, and it is anticipated that location technologies willevolve and “set of data identifying the location of the device” is to beinterpreted to include the reception of new forms of location baseddata.

According to various embodiments, a Device 105 transmits acommunications signal which includes information comprising the set ofdata identifying the location of the Device 105, and an identifierunique to the Device 105. The identifier may comprise an IP address, aMAC address, a telephone number, a unique device number, or any numberor other identifier unique to a device or which otherwise identifies adevice. The Device 105, and identifier, may be associated with a user, afinancial card number, a credit card number, an account number, or othernumbers or accounts. A communications signal, as that term is usedthroughout the Application, may comprise any number of signals (i.e.,the information may be sent in any number of different signals orpackets). The number of signals may be sent at different times. Thecommunications signal may be transmitted at different intervals. Forexample, the intervals may be related to a specific query by theLocation Comparison Server 110, when each measurement takes place, or atthe end of each call or other two-way communication session. Thecommunications signal may also be transmitted at a regular, periodicinterval (e.g. ping functionality, with transmission every minute orother set or variable interval). Alternatively, the measurements may beconsolidated and transmitted at intervals to maximize power preservationon a mobile Device 105.

Generally, and as described below, the communications signal may bedirected to the Location Comparison Server 110 and associated Database115 (which each may be located in, or otherwise connected to, a Network125) via one or more communications links. Each communications link mayinclude any number of intermediate devices, including routers, switches,or other devices that receive and transmit communication signals. Thecommunications signal may comprise an Internet Protocol (“IP”) packetsent over the Network 125, a short message packet or signal sent overthe Network 125, or comprise any other communications protocol. In someembodiments, the communications signal is transmitted via General PacketRadio Service (“GPRS”). In other embodiments, the communications signalmay comprise a wireless signal to be transmitted via WiFi, WiMax, CDMA,UMTS, UWB, or any other wireless means. However, according to differentembodiments, there are a variety of potential network configurations andprotocols to carry the communications signals.

2. Rule/Location Database: A Device 105 is in communication with theLocation Comparison Server 110, and associated Rule/Location Database115 (hereinafter “Database 115”). The Database 115 may comprise one ormore different databases, and one or more of such databases may be arelational database. According to different embodiments of theinvention, the Database 115 may include any number of tables and sets oftables. In addition, any databases described below may be included inthe Database 115. Application software running on the LocationComparison Server 110 queries the Database 115, and produces forms,reports, or other output as dictated by the application software. TheDatabase 110 may be incorporated within the Location Comparison Server110 (e.g., within its storage media), or may be a part of a separatesystem. The Database 115 may be fully located within a single facilityor distributed geographically. The Database 110 may be organized in anymanner different than described above to provide the functionalitycalled for by the various embodiments, as known by those skilled in theart. The Database 115 contains information related to locationinformation, authentication information, user profiles and preferences.

FIG. 2 shows a table 200 which is provided for exemplary purposes only,and illustrates how the Database 115 may be structured according tocertain embodiments of the invention. The Database 115 may comprise atable 200 of identifiers 210, each identifier in the table unique to oneof any number of network connected devices 205. In the Database 115, theDevice 105 and identifier may also be associated with a user, afinancial card number, a credit card number, an account number, or othernumbers, accounts, information, or physical locations. The table 200also may include a number of action requests 215 (i.e.,ActionRequest_(1A), ActionRequest_(1B), ActionRequest_(2A),ActionRequest_(2B), ActionRequest_(3A), etc.). The subscript numberdenotes the Device 105/identifier to which the action request isapplicable, while the subscript capital letter denotes different actionrequests. Each action request 215 is subject to one or more rules 220dictating how an action request to be performed by the Server 110 shallbe performed (i.e., ActionRequest_(1A) is subject to (Rule_(1Ai),Rule_(1Aii), Rule_(1Aiii)); ActionRequest_(1B) is subject to(Rule_(1Bi),Rule_(1Bii)). The subscripts (i, ii, iii, etc) each denotedifferent rules applicable to the specific action requests for eachDevice 105/identifier. In various embodiments, the rules are applicableonly to a subset of the identifiers in the table.

The table may also include a plurality of geographic regions 225. Insome embodiments, each geographic region 225 is associated with a rule220, wherein the applicability of a rule 220 is limited to thegeographic region 225 associated with that rule 220. The applicablegeographic region 225 is determined by comparing 230 the location 235 ofa device 205 to see if it is within a given geographic region. For agiven device 205, the applicable rule 220 may be determined bycorrelating 230 a rule 220 applicable to an action request 215 with thegeographic region 225 within which a device 205 is located 235. In someembodiments, the Database 115 contains the information categoriesspecified by the dashed line area denoted by reference numeral 240. Inother embodiments, the Database 115 may contain all the informationcategories specified.

3. Location Comparison Server 110: The Location Comparison Server 110may process an action request according to rules in the Database 115.The Server 110 may include, for example, one or more server computers,personal computers, workstations, web servers, or other suitablecomputing devices. The Server 110 may be fully located within a singlefacility or distributed geographically, in which case a Network 125, asdescribed above, may be used to integrate different components. ALocation Comparison Server 110 may comprise any computing deviceconfigured to process, manage, complete, analyze, or otherwise addressan action request, either directly or indirectly. Application softwarerunning on the Location Comparison Server 110 may receive an actionrequest associated with an identifier, and query the database toidentify the applicable rule associated with the action request giventhe location of the Device 105.

In various embodiments, the Location Comparison Server 110 includesapplication software comprising complex mapping and spatial analysisfunctionality in order to evaluate and compare various types of receivedlocation based data. Such mapping and spatial analysis tools are wellknown in the art. The functionality included in the tools may includethe ability to formulate boundaries of geographic regions given certainrules governing their formation. Any number of inputs may dictate howsuch boundaries will be formed.

Additional functionality may include the ability to determine whethercertain devices are located within different regions based on a set ofdata identifying the location of the device. There are a variety of waysknown in the art to create variable boundaries of geographic regionsbased on different input parameters. One skilled in the art willrecognize how such tools may be utilized in various embodiments of theinvention.

In some embodiments, a set of rules dictates the different ways in whichan action request from a given device will be handled, with each ruledependent on the geographic region in which a Device 105 is located.Each rule may apply to one, or more, Device 105, and thus one, or more,unique identifiers. Each rule may be applicable in only specifiedgeographic regions. A rule may relate to one action request from adevice located in a specific region, or a rule may apply to other actionrequests from other devices. A better understanding of the embodimentsof the system may be gained with further discussion of action requests,rules, and associated geographic regions.

4. Action Request⇄Rule/Geographic Region: An action request relates toany action, access, privilege, right, rule, or other resource that maybe provided by a server, such as the Location Comparison Server 110. Byway of example, an action request may comprise a request to allow accessto resources of the server, a request for a password, a request forvalidation or authorization, or a request to establish a communicationconnection. An action request may originate from any network connecteddevice or other computing device which communicates with a Network 125.For ease in discussion, such a device will be termed an “Action RequestOriginator 120.” An Action Request Originator 120 includes any suchdevice which transmits or otherwise initiates an action request. Morespecific examples of such action requests may include, withoutlimitation: a request to authorize a transaction for a credit card,financial card or other financial account number; a request to accessinformation (financial, personal, or other) for or related to an accountnumber; a request to contact or otherwise establish a communicationconnection; a request to deliver, forward or filter an electronicmessage; or a request to validate the location of a user or transaction.

According to various embodiments, an Action Request Originator 120transmits an action request and an identifier associated with a Device105 via one or more communication signals. The communications signalsfrom the Action Request Originator 120 may be transmitted in the samemanner described above relating to transmissions from the Device 105.The transmissions may be sent over a Network 125, and directed to theLocation Comparison Server 110. One purpose of the inclusion of theidentifier may be to link an action request to a Device 105. This may beof importance because an action request may be initiated from a Device105, or may be initiated from another source. Thus, an Action RequestOriginator 105 need not comprise the Device 105, but there may be valuein connecting the action request to the Device 105 via the identifier.An action request may be initiated by the user of a Device 105associated with the identifier, or may be made by a person or entityother than the user of the Device 105. An action request may bespecific, or implied.

A rule relates to how an action request tied to an identifier (and,thus, the associated Device 105 as well) will be addressed. For example,whereas an action request may comprise a request to allow access toresources of the server, a rule may comprise granting, denying, orrequiring additional information for the request for access. In someembodiments, a rule is associated with specific geographic regions,wherein the specific rule to be applied (i.e., granting, denying, orrequiring additional information for the request for access) is based onthe geographic region within which the Device 105 associated with theidentifier is located.

For purposes of example, and without limitation: for an action requestto access information; the rules may comprise grant, deny, or requireadditional information; for an action request to deliver an e-mail;filtering rules may comprise deliver e-mail, return e-mail, or requireregistration; for an action request to validate the location of a Device105; the rules may comprise validate, invalidate, or unknown. There arenumerous other examples which are readily apparent to one skilled in theart. The rules may be established by a communications services provider,by an emergency services provider, by a company or other entity managingthe information, by a financial services company associated with thefinancial information, by a user, or by another entity.

As noted above, the specific rule to be applied may be dictated by thegeographic region within which the Device 105 associated with theidentifier is located. Different Devices 105 may have similar ruleswhich apply in geographic regions that vary significantly among devices.According to various embodiments, the geographic regions dictating theapplicability of a rule are variable, depending on additional factors.Such factors may include, without limitation, time of day, day of theweek, specific user, movement history, transaction history, accounthistory, recent transactions, Device 105 location, request location, andso on. However, the geographic regions may be fixed, and may be in agrid system. The geographic region may comprise an area within aspecified distance of the location originating an action request. Thus,in some embodiments, action requests may be addressed by comparing thelocation of a Device 105 with the location which originates an actionrequest (i.e., whether they are within a specified distance of oneanother). Alternatively, action requests may be addressed by comparingthe location of a Device 105 with the location which originates anaction request to see if they are in the same fixed region. One skilledin the art will recognize the different possibilities.

For purposes of discussion, specific geographic regions may be discussedwhere “logical location” terminology is used (e.g., different regionsare associated with home, school, work, businesses and other points ofinterest situated in such regions). This terminology is used to aid inthe understanding of the invention, and is not limiting. Thus, anyreference to such a “logical location” (i.e., home, school, etc.) may beunderstood to relate to a geographic region as that term is usedelsewhere in the Description, and vice versa.

In an exemplary embodiment, FIG. 3A illustrates how an action requestmay be processed 300 by a Location Comparison Server 110 in conjunctionwith the Database 115. At block 302, an action request is originated byan Action Request Originator 120, wherein a request is made to use theresources of a server. For example, the request might relate to arequest to access premium Internet content. The action request, and aunique identifier, may then be transmitted to the Location ComparisonServer at block 304. The action request need not originate from theDevice 105 associated with the identifier, as it could be initiated fromany other Originator 120. Alternatively, the action request mayoriginate from the Device 105 associated with the identifier. At block306, the Location Comparison Server 110 determines whether the actionrequest requires location verification. If not, no rule is applied, andother processes (either on the LC Server 110 or elsewhere) manage therequest. If location comparison is required, the Location ComparisonServer 110 queries the Database 115 and correlates the identifier, theDevice 105 associated with the identifier, and action request in theDatabase at block 308.

In some embodiments, the server may then request, at block 310, locationbased data from the Device 105 associated with the identifier. At block312, the Device 105 receives the location based data, and at block 314transmits its unique identifier and the received location based data ina communications signal directed to the Location Comparison Server 110.At block 316, the Server 110 receives the location based data and theidentifier. The Server 110 then identifies, at block 318, the geographicregion or regions where the Device 105 is located from the relevantoptions. In this embodiment, a rule is applicable only in the geographicregion that it is associated with and, thus, the location of the Device105 determines the applicability of a rule. Block 320 illustrates anexample of this concept, as access to the Premium content may be allowedif a Device is located at School or at Home, but not elsewhere. In someembodiments, the area within the dashed line and noted by referencenumeral 322 encompasses the Server 110-Database 115 interaction.

In another exemplary embodiment, FIG. 3B illustrates how an actionrequest may be processed 350 by a Location Comparison Server 110 inconjunction with the Database 115. At block 352, the Device 105 receivesthe location based data, and at block 354 transmits its uniqueidentifier and the received location based data in a communicationssignal directed to the Location Comparison Server 110. The Server 110receives the location based data and the identifier at block 356. TheServer 110 may then store the location based data in the Database inblock 358, correlated with the identifier and the Device.

In some embodiments, an action request is originated, wherein a requestis made to access resources of the Server at block 360. For example, therequest may relate to a request to access secure documents away from aworkstation. The action request, and the unique identifier of the Device105, may then be transmitted by the Originator 120, and received by theLocation Comparison Server 110 at block 362. As noted above, the actionrequest need not originate from the Device 105 associated with theidentifier, as it could originate from any other Originator 120. Atblock 364, the Location Comparison Server 110 determines whether theaction request requires location verification. As above, if not, no ruleis applied, and other processes manage the request. If locationcomparison is required, the Location Comparison Server 110 queries theDatabase 115 and correlates the action request with the rules applicableto the identifier at block 366. The Server 110 then identifies, at block368, the applicable geographic region using the location based data.With the geographic region (or regions) identified, a rule associatedwith the geographic region may then be identified as well. In theseexemplary embodiments, and shown at block 370, a request to accesssecure documents away from a workstation may be granted if the user isat geographic regions representing their work or their vacation home,and denied elsewhere. Alternatively, instead of being denied, a varietyof additional options requiring secondary or tertiary checks may beapplied. In some embodiments, such options could be specified by a user,an employer, a service provider, or other entity. According to someembodiments, the area within the dashed line as noted by referencenumeral 372 encompasses the Server 110-Database 115 interaction.

5. Action Request Origination Location⇄Rule/Geographic Region: Accordingto various embodiments of the invention, an action request may beassociated with a location. An Action Request Originator 120 may receivea set of data identifying the location of the action request. Thislocation based data may reflect the physical location from which theaction request originated, and different degrees on specificity may beused. In some embodiments, the set of data identifying the location ofthe action request may reflect the location of the Action RequestOriginator 120. The set of data identifying the location of the actionrequest may be received in the same manner, or means, as described abovefor the Device 105. This location based data may be transmitted with theaction request and identifier of a Device 105 in one or morecommunication signals over a Network 125, and received by the LocationComparison Server 110. It is worth noting again that the action request,and location based data associated with the action request, may betransmitted with the unique identifier of a Device 105 that is notnecessarily the transmitting device or the Action Request Originator120.

The set of data identifying the location of the action request may bestored in the Database 115 (or elsewhere) by the Location ComparisonServer 110. This location based data may be associated or otherwisecorrelated with the identifier. The identifier may serve as the linkbetween the action request and the Device 105. FIG. 4A shows a table 400which is provided for exemplary purposes only, and illustrates avariation from FIG. 2 showing how the Database 115 may be structuredaccording to certain embodiments of the invention. The table 400contains a column for the storage of the location of an action request405. The location of the action request may serve as an additionaldeterminant dictating 410 the boundaries of the geographic regions 415which specify the applicability of the rules. This concept may beemployed in a variety of configurations as known by those skilled in theart. The specific manner in which the location of an action requestdictates or modifies the boundaries of a given geographic region may beincorporated in the rule itself, within an Application of the Server110, or otherwise embodied on a computer-readable medium.

In yet another exemplary embodiment, FIG. 4B illustrates how an actionrequest, transmitted with a set of data identifying the location of theaction request, may be processed 450 by a Location Comparison Server 110in conjunction with the Database 115. At block 452, an action request isoriginated by an Action Request Originator 120, wherein a request ismade to use the resources of a server. For purposes of this example, therequest relates to a request to authorize a transaction. The actionrequest, location based data associated with the Originator 120, and aunique identifier, may then be transmitted to the Location ComparisonServer 110 at block 454. As noted above, the action request need notoriginate from the Device 105 associated with the identifier, as itcould be initiated from any other Originator 120. At block 456, theLocation Comparison Server 110 determines whether the action requestrequires location verification. If not, other processes manage therequest. If location comparison is required, the Location ComparisonServer 110 may communicate with the Database 115 and store the locationbased data associated with the Originator 120 and action request,correlated with the identifier and the Device 105 associated with theidentifier at block 458.

In some embodiments, the server may then request, at block 460, locationbased data from the Device 105 associated with the identifier. At block462, the Device 105 receives the location based data, and at block 464transmits its unique identifier and the received location based data ina communications signal directed to the Location Comparison Server 110.At block 466, the Server 110 receives the location based data and theidentifier. The Server 110 then delineates, at block 468, the boundariesof the geographic regions where the rules will be applicable. In suchembodiments, the geographic regions may be determined by the location ofthe action request. The Server 110, at block 470, identifies thegeographic region where the Device 105 is located, and therebyidentifies a rule applicable to the action request at block 472. In someembodiments, the area within the dashed line and noted by referencenumeral 474 encompasses the Server 110-Database 115 interaction.

An exemplary embodiment 480 shown in FIG. 4C, a diagram relates how thelocation of the action request may modify a geographic region withinwhich the rule from block 472 is applicable. In this simplistic example,the location of the action request 485 is shown with two variables:within 1000 meters of “Home” region, or outside that area. For purposesof this example, the request relates to a request to authorize atransaction. The rules 490, comprising authorize or deny, are applicablein different geographic regions 495 depending on the action request(i.e. transaction) location. If the transaction request is made within1000 meters of “Home,” the transaction request may be authorized as longas the Device 105 is within the city limits. If outside 1000 meters, thetransaction request may be authorized as long as the Device 105 iswithin 10 meters of the transaction. Such a system might be of value toa person who wants to be able to shop near home without bringing theDevice 105, but wants added security elsewhere. As noted, thisembodiment is presented for exemplary purposes only, and does not in anyway limit the alternative embodiments that are evident to one skilled inthe art.

6. Method for Identifying Location Based Rules: In some embodiments ofthe invention, a method 500 for identifying location based rules on aserver related to a network connected device is described, asillustrated in FIG. 5. At block 505, a database is maintained, and anexample of such a database is illustrated at 115 in FIG. 1. The databaseincludes a table of identifiers, each identifier unique to a networkconnected device. The database further includes rules associated with atleast one identifier in the table dictating how an action request shallbe performed and a plurality of geographic regions, wherein theapplicability of each rule is limited to the geographic regionassociated with that rule.

At block 510, a communications signal from the network connected deviceis received, comprising a set of data identifying the location of thenetwork connected device and the identifier unique to the networkconnected device. At block 515, an action request is received, which isassociated with the identifier unique to the network connected device.At block 520, the applicable rule is identified, the rule associatedwith the identifier unique to the network connected device and thegeographic region within which the device is located.

Having described a broad set of embodiments of the inventions, anexploration of various alternative embodiments will further enableunderstanding of the possible variations and option. The descriptionsabove are to be applied to similar components in the embodiments belowso as to avoid unnecessarily repetitive definitions, except whereotherwise noted.

III. Financial Card Transaction Authorization: One set of embodiments ofthe invention provides systems and methods for authorizing a financialcard transaction based on the location of a mobile communicationsdevice. The set of embodiments described above in II. Broad SystemArchitecture may also authorize financial card transactions, but thefollowing description further enables and modifies certain aspects ofthe invention. The method can be used in a variety of systems, and othermethods can be used as well, as will be apparent to one skilled in theart in light of this disclosure.

A communication system 600 illustrating a set of embodiments is shown inFIG. 6A. According to some embodiments, a mobile communications device605 receives a set of data identifying the location of the device, suchas GPS coordinates 135. The device may then transmit, in acommunications signal, the set of location data and an identifier uniqueto the mobile device 605 to the Location Comparison Server 110. TheServer 110 is in communication with the mobile device 605 and anAuthorization Database 615.

The Authorization Database 615 may comprise a table of identifiers(including the identifier of the mobile device 605). In someembodiments, each identifier in the table is unique to a mobileelectronics device, and is also associated with at least one financialcard number. The Location Comparison Server 110 may receive thecommunications signal, and store the location based data from the mobiledevice 605 in the Authorization Database 615. The Server 110 mayreceive, from a Transaction Authorization Originator 620, a request forauthorization of a transaction with a financial card number and dataidentifying the location of the transaction. In some embodiments, thefinancial card number is associated, in the Database 615, with theidentifier unique to the mobile device 605. The Location ComparisonServer may authorize the transaction if the database indicates that thedevice is located within specified geographic regions, the regionsdetermined by the location of the transaction. In this way, variousprocedures may be used to compare the location of a financial cardtransaction with the physical location of a user carrying the mobiledevice. A number of variations are addressed below.

1. Mobile Device: The mobile communications device 605 may comprise anymobile Network Connected Device 105. Examples include: a cellular phone,a VoIP phone, a personal digital assistant, a pager, a text messagingdevice, a laptop, a portable digital music player, a two way radio, anymobile computing device, or other mobile device that transmits datasignals, or other signals that contain data. A mobile device 605communicates with a Network 125 or any component thereof, and theconnection of the Device 105 and Network 125 may be via any wired,wireless, or other connection. As described above for a NetworkConnected Device, the mobile device 605 receives a set of dataidentifying the location of the device, such as GPS coordinates 135. Themobile device 605 may receive the location based data in a variety ofways, in any manner described above. In one embodiment, the receiver maycomprise a detachable GPS receiver coupled to a USB connector. Themobile device may then transmit, in a communications signal, the set oflocation data and an identifier unique to the mobile device 605 to theLocation Comparison Server 110. This transmission may occur before, orafter, a request to authorize a financial card transaction has beenmade.

2. Authorization Database: In this set of embodiments, a mobile device605 is in communication with the Location Comparison Server 110, andassociated Authorization Database 615. The Authorization Database 615may be designed in the same manner as the Database 115 described above,and may be a component of the Database 115. FIG. 6B shows a table 625which is provided for exemplary purposes only, and illustrates how theAuthorization Database 615 content may be structured according tocertain embodiments of the invention. Certain contents of the table 625described below may not be stored in the Authorization Database 615 and,instead, may be stored elsewhere on a temporary or more permanent basis.The Authorization Database 615 may comprise a table of identifiers 632,each identifier in the table unique to one of any number of mobilecommunication devices 630. Each identifier and mobile device 605 in thetable may also be associated with one, or more, financial card numbers634. Such cards may include, without limitation, credit cards, debitcards, ATM cards, charge cards, or any other financial cards.

In some embodiments, the table 625 may include any number of requestsfor authorization of a transaction using a financial card number 636(i.e., AuthRequest_(1A), AuthRequest_(2A), etc.). In the example, thesubscript number denotes the mobile device 605/identifier combination towhich the authorization request is applicable, while the subscriptcapital letter denotes the specific request. In other embodiments, morethan one number may be associated with each mobile device605/identifier, and any number of authorizations may be requested foreach such number. An authorization request may be made by a user, aretail merchant, a financial services company, or any other person ororganization. As used herein, a financial services company comprises abank, a savings and loan, a credit card company, an investment company,a mortgage company, a mutual fund company, or any other business entitythat provides financial services.

Each authorization request 636 is subject to one or more rules 640dictating how an authorization request to be performed by the Server 110shall be performed (i.e., Authorize, Deny, Request more information,etc.—there are many other rules which are evident to those skilled inthe art). In various embodiments, the rules are applicable only to asubset of the identifiers in the table, or only a specific identifier.

The table 625 also includes a plurality of geographic regions 642. Insome embodiments, each geographic region 642 is associated with a rule640, wherein the applicability of a rule 640 is limited to thegeographic region 642 associated with that rule 642. The applicablegeographic region 642 may be determined by comparing 644 the location646 of mobile device 605 to different geographic regions 642 to see ifit is within a given region. For a given device 605, the applicable rule640 may be determined by the correlating a rule 640 applicable to anauthorization request 636 with the geographic region 642 within which adevice 605 is located 646.

The table 625 also contains a column for the location of a request toauthorize a transaction 638. This location may comprise the “Location ofAction Request 405” described above. The location of the request toauthorize the transaction may serve as an additional determinantdictating 648 the boundaries of the geographic regions 642 which specifythe applicability of the rules. This concept may be employed in avariety of configurations as known by those skilled in the art. Thespecific manner in which the location of an authorization requestdictates or modifies the boundaries of a given geographic region may beincorporated in the rule itself, within an Application of the Server110, or otherwise embodied on a computer-readable medium. In anotherembodiment, the database may comprise additional rules dictating how thelocation of the transaction will determine the geographic regions 642.

In some instances, a transaction may be authorized if the comparisonbetween the location of the mobile device 605 and the transaction arewithin a specified distance of each other. Thus, the geographic region642 to authorize 640 a transaction may be determined 648 by the location638 of the request, as the region may simply be the circular area aroundthe request location with a radius equal to the specified distance. Inother embodiments, the geographic regions 642 may each be fixed and,thus, the transaction may be authorized if the mobile device 605 and thetransaction are located in the same geographic region. In still otherembodiments, the location of the mobile device 605 may also be adeterminant of the boundaries of the geographic regions. For example, ifthe device is located in an area that is not traveled to often by theuser, the geographic region for authorization may be small.Alternatively, if the device is located in the home of a user, theauthorization region may be larger. In some embodiments, some rules (andthe geographic regions associated therewith) may require additionalauthentication, such as a picture download to verify identity, a secondform of identification, or a secure password or PIN. Such additionalauthentication could also require the input of a secure password or PINreceived via a text or other short message on the mobile device 605.

Furthermore, in certain embodiments, the determinants of the geographicregions may be dictated by a financial services company, a user, a cardissuer, or other entities or persons. For example, the AuthorizationDatabase 615 may allow input of user preferences dictating how thelocation of the transaction or the device may dictate the boundaries ofthe geographic regions 642. For example, if a user is travelingoverseas, a user may change rules for the regions of travel according tosome embodiments. In light of this discussion, and as addressedpreviously, geographic regions are often variable based on the factorsdiscussed elsewhere in this Description.

3. Location Comparison Server 110: The Location Comparison Server 110may authorize a transaction request according to rules in theAuthorization Database 615, in a similar manner as that described abovefor the Database 115. Application software running on the LocationComparison Server 110 may receive a request to authorize a financialcard transaction based on a financial card number. The Server mayassociate card number with an identifier, and query the database toidentify the applicable rule associated with the authorization given thelocation of the Device.

The Location Comparison Server 110 may identify the applicable rule froma set of rules which dictate the different ways in which anauthorization request from a given mobile device 605 will be handled,with each rule dependent on the geographic region in which a device 605is located. Each rule may apply to one, or more, device 605/identifiercombinations, and different rules may apply to the different financialcard numbers associated with the same device 605/identifier combination.

4. Authorization Request Origination Location⇄Rule/Geographic Region: Arequest to authorize a transaction relating to a financial card numberrelates to any part of the authorization process that may be provided bya server, such as the Location Comparison Server. An authorizationrequest may originate from any network connected device or othercomputing device which communicates with a Network 125. For ease indiscussion, such a device will be termed a “Transaction AuthorizationOriginator 620.” The transaction Authorization Originator 620 includesany such device which transmits or otherwise initiates an authorizationrequest.

The Authorization Request Originator 120 may receive a set of dataidentifying the location of the action request, or may have the locationmanually entered. According to various embodiments, the Originator 620transmits an authorization request, the set of data identifying thelocation of the request, and a financial card number via one or morecommunication signals. The communications signals from the Originator620 may be transmitted in the same manner described above relating totransmissions from the Device 105. One purpose of the correlation of theidentifier to the financial card number in the Authorization Databasemay be to link an authorization request to a mobile device 605. This maybe of importance because an authorization request may be initiated froma Device 605, or may be initiated from another source. Such a source maybe a retail location, a card issuer, a financial institution, or othersuch party.

FIG. 6C illustrates how an authorization request may be processed 650 bya Location Comparison Server 110 in conjunction with the Database 115.At block 652, the mobile device 605 receives the location based data,and at block 654 transmits its unique identifier and the receivedlocation based data in a communications signal directed to the LocationComparison Server 110. The Server 110 receives the location based dataand the identifier at block 656. The Server 110 may then store thelocation based data in the Database in block 658, correlated with theidentifier and the Device.

In some embodiments, an authorization request is originated, wherein arequest is made to authorize a financial card transaction at block 660.For example, the request may relate to a request to authorize a creditcard transaction at a retail location. The action request, and theunique identifier of the Device 105, may then be transmitted by theOriginator 620, and received by the Location Comparison Server 110 atblock 662. In this instance, for example, the entity controlling theOriginator 620 may be a retail merchant, a credit card company, or otherfinancial institution. At block 664, the Location Comparison Server 110determines whether the authorization request requires locationverification. If not, other processes manage the request. If locationcomparison is required, the Location Comparison Server 110 queries theDatabase 115 and correlates the financial card number with the uniqueidentifier at block 666. The Server 110 then delineates, at block 668,the boundaries of the geographic regions in light of the location of theauthorization request. The applicable geographic region(s) areidentified at block 670, and a rule associated with a geographic regionmay then be identified as well, at block 672. In these exemplaryembodiments, shown at block 672, a transaction may be authorized if thedevice is in a geographic region comprising the area 10 meters around atransaction. If the transaction and the device are not located in thesame city, the transaction will be denied according to theseembodiments. More information may also be required in certain instances.According to some embodiments, the area within the dashed line as notedby reference numeral 674 encompasses the Server 110-Database 115interaction.

5. Method of Authorization of Financial Card Transaction: In someembodiments of the invention, a method 675 for processing anauthorization request on a server related to a mobile device 605 isdescribed, as illustrated in FIG. 6D. At block 680, a database ismaintained, and an example of such a database is illustrated at 615 inFIG. 6A. The database comprises a table of identifiers, each identifierunique to a network connected device, with each identifier associatedwith one or more financial card numbers.

At block 682, a communications signal from a mobile device is received,comprising a set of data identifying the location of the mobile deviceand the identifier unique to the mobile device. At block 684, the set ofdata identifying the location of the device is stored in the database.At block 686, a request to authorize a transaction with a financial cardis received, which is associated with the identifier unique to themobile device. At block 688, the transaction is authorized if theDatabase indicates that the mobile device associated with the financialcard number is located within certain geographic regions determined, inpart, by the location of the mobile device.

IV. Financial Information Access: One set of embodiments of theinvention provides systems and methods for allowing (or prohibiting,screening, etc.) access to financial information based on the locationof a mobile communications device. The set of embodiments describedabove in II. Broad System Architecture may similarly screen access tofinancial information, but the following description further enables andmodifies certain aspects of the invention. For example, the presentembodiments may allow access based on the location of a mobilecommunications device, whereas other embodiments may allow access basedon the location of any network connected device.

In order to illustrate certain architectural similarities betweensystems, reference is made to the communications system 100 shown inFIG. 1. The financial information access embodiments provide for amobile communications device to receive a set of data identifying thelocation of the device. As noted previously, a mobile communicationsdevice represents a subset of the devices described above as networkconnected devices. According to certain embodiments, the mobile devicemay transmit, in a communications signal, the set of location data andan identifier unique to the mobile device to the Location ComparisonServer 110. The Server 110 is in communication with the mobile deviceand a Financial Information Access Database (hereinafter “AccessDatabase”). The Access Database may comprise a subset of the Database115, but may also have additional features. The Location ComparisonServer 110 may receive the communications signal, and store the locationbased data from the mobile device in the Access Database. The AccessDatabase may comprise a table of identifiers (including the identifierof the mobile device). In some embodiments, each identifier isassociated with a different set of financial information. The set offinancial information may be associated with one or more accountnumbers. In some embodiments, the account number or numbers areassociated, in the Access Database, with the identifier unique to themobile device.

The Server 110 may then receive a request for access to a set offinancial information, and a set of data identifying the location of therequest. The set of financial information may include the identifierdirectly, or indirectly, as it may include an account number or otherlink to the identifier). The Location Comparison Server 110 may allowaccess if the Access Database indicates that the device is locatedwithin specified geographic regions, the regions determined by thelocation of the request. In this way, various procedures may be used tocompare the location of a request for access to financial information(e.g., certain accounts) with the physical location of an account ownercarrying the mobile device. A number of variations are addressed below.

1. Device/Database/Server: The mobile communications device may compriseany mobile Network Connected Device 105, and is described in detailabove. The communication between such a mobile device and the Network125 may be via any wired, wireless, or other connection. The mobiledevice may receive the location based data in a variety of ways(including integrated hardware or various attachments), in any mannerdescribed above. The mobile device may then transmit, in acommunications signal, the set of location data and an identifier uniqueto the mobile device to the Location Comparison Server 110. Thistransmission may occur before, or after, a request to access financialinformation has been sent or received.

In this set of embodiments, a mobile device is in communication with theLocation Comparison Server 110, and associated Access Database. TheAccess Database may be designed in the same manner as the Database 115described above, and may be a component of the Database 115. FIG. 7Ashows a table 700 which is provided to illustrate certain relationships,and show how the Access Database content may be structured according tocertain embodiments of the invention. Certain contents of the table 700described herein may, or may not, be stored in the Access Database and,instead, may be stored elsewhere on a temporary or more permanent basis.

The Access Database may comprise a table of identifiers 704, eachidentifier in the table unique to one of any number of mobilecommunication devices 702. Each identifier and mobile device in thetable may also be associated with a set of financial information 706,which may comprise one, or more, account numbers. Account numbers may beassociated with accounts of individual users, businesses, corporateentities, or others. Such information may include, without limitation,bank accounts, credit card accounts, investment accounts (e.g., stocks,mutual funds, 401(k)), e-commerce accounts, utility accounts, creditcard payment information, etc. The set of financial information may alsocomprise personal information (e.g., name, address, DOB, SS#), corporateinformation, employment or salary data, account balances, passwords,authentication or encryption data, trade secrets, etc.

In some embodiments, the table 700 may include one or more requests foraccess to the set (or subset thereof) of financial information 708(i.e., AccessRequest_(1A), AccessRequest_(2A), etc.). In the example,the subscript number denotes the mobile device 605/identifiercombination to which the access request is applicable, while thesubscript capital letter denotes the specific request. In someembodiments, more than one account number may be associated with eachmobile device 605/identifier, and any number of access requests may bemade for each such number. Also, different rules may apply to eachaccount number. An access request may be made electronically, over thephone, or in person. An access request may be made by a user, amerchant, a financial services company, or any other person ororganization. An access request may be made from the mobile device, orfrom another source. The access request may be made from an ActionRequest Originator 120.

Each access request 708 may be subject to one or more rules 712dictating how an access request to be performed by the Server 110 shallbe performed (i.e., Allow, Refuse, Request more information, etc.—thereare many other rules which are evident to those skilled in the art). Insome embodiments, the rule may comprise validating a password. Invarious embodiments, a rule is applicable only to a subset of theidentifiers in the table, or only a specific identifier. Thus, invarious embodiments, each set of financial information may be associatedwith different rules of access. The rules may be established by acommunications services provider, a company or other entity managing theinformation, by a financial services company associated with thefinancial information, by a user, or by another entity.

The table 700 also includes a plurality of geographic regions 714. Insome embodiments, each geographic region 714 is associated with a rule712, wherein the applicability of a rule 712 is limited to thegeographic region 714 associated with that rule 712. The applicablegeographic region 714 may be determined by comparing 716 the location718 of mobile device to different geographic regions 714 to see if thedevice is within a given region. For a given device, the applicable rule712 may be determined by correlating each rule 712 associated with anaccess request 708 with the geographic region 714 within which a deviceis located 718.

The table 700 also contains a column for the location of an accessrequest 710. This location may comprise the “Location of Action Request405” described above. The location of the access request may serve as anadditional determinant dictating 720 the boundaries of the geographicregions 714 which specify the applicability of the rules. This conceptmay be employed in a variety of configurations as known by those skilledin the art. The specific manner in which the location of an accessrequest dictates or modifies the boundaries of a given geographic regionmay be incorporated in the rule itself, within an Application of theServer 110, or otherwise embodied on a computer-readable medium. Inanother embodiment, the database may comprise additional rules dictatinghow the location of the access will determine the geographic regions714.

In some instances, access may be allowed if the comparison between thelocation of the mobile device and the access request are within aspecified distance of each other. Thus, the geographic region 714 toallow 712 a transaction may be determined 720 by the location 710 of therequest, as the region may simply be the circular area around therequest location with a radius equal to the specified distance. In otherembodiments, the geographic regions 714 may each be fixed and, thus,access may be allowed if the mobile device and the transaction arelocated in the same geographic region. In still other embodiments, thelocation of the mobile device may also be a determinant of theboundaries of the geographic regions. For example, if the device is notlocated in the home of a user, the “allow” region may be small, becausefinancial information may be less likely to be accessed away from home.Furthermore, in certain embodiments, the determinants of the geographicregions may be dictated by a financial services company, a user, a cardissuer, or other entities or persons. For example, the Access Databasemay allow input of user preferences dictating how the location of thetransaction or the device may dictate the boundaries of the geographicregions 714. In light of this discussion, and as addressed previously,geographic regions are often variable based on the factors discussedelsewhere in this Description.

The Location Comparison Server 110 may authorize an access requestaccording to rules in the Access Database, in a similar manner as thatdescribed above for the Database 115. Application software running onthe Location Comparison Server 110 may receive a request to access a setof financial information. The Server 110 may associate an account numberwith an identifier by searching the Access Database 615, and query thedatabase to identify the applicable rule associated with the requestgiven the location of the mobile device. In different embodiments, theServer 110 may directly receive the identifier with the access request.The Location Comparison Server 110 may identify the applicable rule froma set of rules which dictate the different ways in which anauthorization request from a given mobile device will be handled, witheach rule dependent on the geographic region in which a device islocated.

2. Authorization Request Origination Location⇄Rule/Geographic Region:FIG. 7B illustrates how an access request, transmitted with a set ofdata identifying the location of the action request, may be processed750 by a Location Comparison Server 110 in conjunction with the AccessDatabase. This is an exemplary embodiment, and merely illustratesrelationships that are applicable to this set of embodiments, and theother embodiment of the invention as well. It is worth noting that theaccess request may comprise an action request 215, as that term isdescribed above. At block 752, an access request is originated. Forpurposes of this example, the request relates to a request to accesscredit card account information. The access request (including anaccount number) and location based data associated with the request, maythen be transmitted to the Location Comparison Server 110 at block 754.As noted above, the action request need not originate from the mobiledevice associated with the identifier, as it could be initiated from anyother Originator 120 (e.g., Personal Computer, Workstation, Server,etc.). At block 756, the Location Comparison Server 110 receives therequest and location based data. The Location Comparison Server 110 maythen, at block 758, communicate with the Database 115 and store thelocation based data associated with the Originator 120 and AccessRequest, correlated with the identifier and the mobile device associatedwith the identifier.

Either before or after the access request is originated, at block 760,the mobile device may receive location based data which indicates thelocation of the mobile device. At block 762, the device may transmit itsunique identifier and the received location based data in acommunications signal directed to the Location Comparison Server 110. Atblock 764, the Server 110 receives the location based data and theidentifier. The Server 110 may then, at block 766, store the locationbased data for the mobile device, associated with the identifier. Atblock 768, Server 110 delineates the boundaries of the geographicregions where the rules will be applicable. In some embodiments, thegeographic regions may be determined by 1) the location of the actionrequest, 2) the location of the device, 3) rules applicable to andaccount number/mobile device/identifier combination, and 4) additionalfactors and rules. The Server 110, at block 770, identifies thegeographic region where the Device 105 is located, and therebyidentifies a rule applicable to the action request at block 772. Inalternative embodiments, various combinations of the data illustrated inthe table may be included in the Access Database, or stored elsewhere ona temporary or more permanent basis.

3. Method: Allow Access to Financial Information: Some embodiments ofthe invention comprise a method 775 for processing, on a server, arequest to access financial information related to a mobilecommunications device, an example of which is illustrated in FIG. 7C.The following elements are for exemplary purposes only, and may be usedinterchangeably with elements described elsewhere. At block 780, adatabase is maintained, and an example of such a database is illustratedat 115 in FIG. 1. The database comprises a table of identifiers, eachidentifier unique to a mobile communications device, with eachidentifier associated with a different set of financial information.

At block 782, a communications signal from a mobile communicationsdevice is received, comprising a set of data identifying the location ofthe mobile device and the identifier unique to the mobile device. Atblock 784, the set of data identifying the location of the device isstored in the database. At block 786, a request to access a set offinancial information is received, which is associated with theidentifier unique to the mobile device, along with data identifying thelocation of the request. At block 788, the transaction is authorized ifthe Database indicates that the mobile device associated with thefinancial number is located within certain geographic regions which aredetermined, in part, by the location of the mobile device.

V. Emergency Services: Another set of embodiments of the inventionprovides systems and methods for contacting an appropriate emergencyservice provider and providing location based user information from anetwork connected device. The set of embodiments described above in II.Broad System Architecture may also enable a similar connection to anemergency services provider, but the following description furtherenables and modifies certain aspects of the invention. For example, thepresent embodiments may specifically provide user information based onthe location of the device.

1. Overview: According to various embodiments of the invention, a systemfor contacting emergency services is described. The system may comprisea number of components, including a network connected device configuredto receive a set of data identifying the location of the device. Thenetwork connected device may transmit a communications signal whichincludes information comprising the received location based data, anidentifier unique to the device, and a request to contact emergencyservices.

In certain embodiments, the system includes a database which comprises atable of identifiers (including the identifier unique to the device),and each identifier is associated with different sets of userinformation stored in the database. Some of the user information mayonly be applicable to certain geographic regions. A location comparisonserver, in communication with the device and the database, may receivethe communications signal, and identify a subset of the user informationapplicable to the location of the device and the identifier. The servermay then transmit the request, the location of the device, and thesubset to an emergency services provider determined by the location ofthe device.

2. Emergency Services Contact System: An exemplary embodiment of thesystem 800 is described in FIG. 8A. At block 802, the network connecteddevice receives location based data which, in this embodiment, comprisesGPS data. It is again worth noting that the network connected device maycomprise any of the devices so described above (in Section II),including a mobile communications device. As noted, the device may bedirectly or indirectly coupled with a receiver component which enablesthe reception of location based information. The location basedinformation may be received by hardware coupled to, with, or otherwiseintegrated into the device. In some embodiments, the hardware mayinclude a USB or other connector to be removable from the device, andthen coupled with another network connected device to provide similarfunctionality without reconfiguration of the hardware. The hardware maycomprise a GPS receiver.

At block 804, a request to contact emergency services may be initiatedfrom the device. In some embodiments, the network connected device maybe coupled with a screen. The screen may contain a graphicalrepresentation of a button or other icon which initiates a request tocontact emergency services. In some embodiments, the screen may be atouchscreen, or the button or icon may be selected with a mouse, keypad,keyboard, or other method. In some embodiments, the use of the button orother icon may require a confirmatory response. In other embodiments,the device may include a button, touchpad, or other one touch method toinitiate a request, which may optionally require a confirmatoryresponse.

At block 806, the device may transmit, in a communications signal: 1) anidentifier unique to the device, 2) a set of data identifying thelocation of the device, and 3) a request to contact an emergencyservices provider. While the communications signal, location based data,and identifier unique to the device are described adequately above, therequest may require further explanation. Such a request may comprise anyamount of information related to a request for emergency services. Forexample, in the case that an “emergency” button is coupled with adevice, the request may contain no specific information except that aperson has pushed the emergency button. Alternatively, a request mayinclude very specific information describing the need for emergencyassistance (e.g., how many people may be hurt, what medical attentionmay be needed, image data of an accident, etc.). The data included inthe request may, thus, comprise any type of data, including text andimage data. An emergency services provider may comprise a local PublicService Answering Point (“PSAP”) or other similar provider, an E911control office, or a dispatcher for or other connection to a Hospital,Police Department, Fire Department, Ambulance Company or other emergencyservice provider. At block 808, the Location Comparison Server 110 mayreceive the 1) identifier unique to the device, 2) set of dataidentifying the location of the device, and 3) request to contact anemergency services provider. In different embodiments, the Server 110may store any of this received information in an Emergency Servicesdatabase (“ES database”). In some embodiments, this ES database maycomprise, or be a subset of, the Database 115.

At any time before, or after, the device transmission, a table of uniqueidentifiers may be stored in the ES Database, at block 810. Eachidentifier may be associated with a different device. At block 812,different sets of user information may be stored in the ES database,each set associated with one of the unique identifiers. Various parts ofeach set of user information may be associated with different geographicregions, as discussed in greater detail below.

User information may comprise a floor plan or other architecturaldiagram from a home, work, or other structure; a listing of personsliving in the home; a listing of persons employed at work; a map of ageographic region for a work, home, or other location; a listing ofmedical conditions; a listing of allergies; a listing of medications;contact information for a doctor or other medical professional; alisting of emergency contacts; personal information (name, home address,work address, age, gender, height, weight, additional description);special medical directions; any other related information; and any partor combination thereof. As is evident from the description of the userinformation, some of the user information is location dependent.Therefore, in certain embodiments, parts of a set of user informationmay be associated with different geographic regions. When a devicerequests emergency services from certain locations, the locations of thedevice may be compared to the geographic regions to determine whichparts of the user information are relevant, given the location of thedevice. By way of example, a map of the geographic region around workand the floor plan at work might only be transmitted if a user is within100 meters of work. As evident to those skilled in the art, there are anumber of ways to associate the location of the device with locationspecific user information.

In some embodiments, the user information may be modified by a userassociated with the user information from the network connected device.In other embodiments, the information may be modified by a medicalprofessional, a communications service provider, or other entity, andsuch modifications may be made via a web interface or other connection.The applicable geographic regions may be similarly modified.

FIG. 8B shows a table 825, provided for exemplary purposes only,illustrating how the ES database content may be structured according tocertain embodiments of the invention. Certain contents of the table 825described below may, or may not, be stored in the ES database and,instead, may be stored elsewhere on a temporary or more permanent basis.The ES database may comprise a table of identifiers 832, each identifierunique to a device 830. Each identifier and device in the table may alsobe associated with a set of user information 834, as described above(e.g., Device₁ is associated with User Information(X)_(1A,1B,1C,1D),Device₂ is associated with User Information(X)_(2A,2B,2C,2D), etc.). Theuser information may also be associated with limited (or unlimited)geographic regions, which may indicate a limited area in which theparticular piece of user information is relevant (e.g., UserInformation(X)_(1A) applicable in Geographic Region(X)_(1A), UserInformation(X)_(1B) applicable in Geographic Region(X)_(1B), etc.). Insome embodiments, for a given device, the applicable user information834 to be transmitted may be determined by the correlating 838 theassociated geographic region 836 and the current location 840 of thedevice. In other embodiments, different comparisons 838 between thecurrent location 840 of a device and geographic regions 836 may be madeto determine the subset of user information 834 to be transmitted.

The specific manner in which a given geographic region may be determinedmay be incorporated in a rule, within an Application of the Server 110,or otherwise embodied on a computer-readable medium. In anotherembodiment, the database may comprise additional rules dictating how todetermine the geographic regions, as described throughout this detaileddescription.

Returning now to FIG. 8A, at block 814, the Location Comparison Server110 may bring the data together by correlating, via the commonidentifier, 1) the request for emergency services and location baseddata from the device, and 2) the user information. At block 816, theServer 110 may identify a subset of the user information applicable tothe location of the device, as described above. At block 818, the Server110 may transmit the subset of user information, the request, and thelocation based data for the device to an emergency services providerdetermined by the location of the device. The appropriate localemergency services provider may be determined by using the locationbased data for the device to determine the provider serving that area.E911 provides an exemplary system for such switching with its E911control office, as the office functions as a selective router to routecellular calls to the appropriate local PSAP. One skilled in the art mayeasily adapt this, or other related technology, to provide similarrouting capability for the present invention. The transmission may bedirected to reach the appropriate local emergency services providerdirectly, or indirectly.

According to some embodiments, the Location Comparison Server 110 mayestablish a connection with the emergency services provider via aNetwork 125. Because the Server 110 may also be connected with thenetwork connected device, this may allow the establishment of acommunications link between the network connected device and theemergency services provider via the Server 110. Those skilled in the artwill recognize the various types of connections that may be created withsuch a link. For example, the communications link may provide fortwo-way communication (e.g., telephone call, voice call, video call,text messaging, other two way messaging). One-way communications (e.g.,e-mail, voice mail) may also be established.

In other embodiments, after a Server 110 has transmitted a request to anemergency services provider, the Server may continue to receive updatedsets of data identifying the location of the device. Having specificallydescribed the system, it will be apparent to one skilled in the art thevariety of methods that may be used in conjunction with the system. Onesuch exemplary method is described below. The method can be used in avariety of systems, and other methods can be used as well, as will beapparent to one skilled in the art in light of this disclosure.

3. Method for Contacting Emergency Service Provider: Certain embodimentsof the invention comprise a method 850 for facilitating a request tocontact an emergency services provider, via a server, from a networkconnected device. An example of such a method is illustrated in FIG. 8C.The following elements are for exemplary purposes only, and may be usedinterchangeably with elements described elsewhere. At block 852, adatabase is maintained, and an example of such a database is illustratedat 115 in FIG. 1. The database comprises a table of identifiers, eachidentifier unique to a network connected device, with each identifierassociated with a different set of user information.

At block 854, a communications signal from a network connected devicemay be received, comprising a set of data identifying the location ofthe device and the identifier unique to the device, along with a requestfor emergency services. At block 856, a subset of user information isidentified, the subset being applicable to the location of the deviceand selected from the associated set of user information. At block 858,the request, location of the device, and subset of user information maybe transmitted to an emergency services provider serving the region inwhich the device is located.

VI. Avoiding Unwanted Communications: Yet another set of embodiments ofthe invention provides systems and methods for avoiding unwantedcommunications from a network connected device. The set of embodimentsdescribed above in II. Broad System Architecture may also provide forthe ability to apply filtering rules to electronic messages, but thefollowing description further enables and modifies certain aspects ofthe invention. For example, the present embodiments may specificallyprovide receiver-specific filtering rules based on the location of thesender.

1. Overview: In various embodiments of the invention, a system forreceivers of electronic messages to avoid unwanted electroniccommunications is described. The system may comprise any number ofnetwork connected devices, which are the senders of the electronicmessages. In some embodiments, one such network connected device isconfigured to receive a set of data identifying the location of thedevice. That device may transmit a communications signal, whichcomprises the received location based data and an electronic messagedirected at a receiver of electronic messages.

In certain embodiments, the system includes a database which comprises atable of receivers (including the receiver to which the message isdirected). Each receiver is associated with a different set of filteringrules, each rule dictating how to filter an electronic message sent froma specific geographic region. A location comparison server, incommunication with the device and the database, may receive the locationbased data from the sender, and an identification of the receiver towhich the message is directed. The location comparison server may thenselect a filtering rule applicable to the identified receiver and thegeographic region from which the message was sent. Thus, receivers mayblock or otherwise filter messages from locations which may originateunwanted communications.

2. System to Filter Unwanted Communications based on Location: Anexemplary embodiment of the system 900 is described in FIG. 9A. Theindividual elements may be rearranged, and need not occur in thefollowing order, which is for purposes of example only. At block 902, anetwork connected device may initiate a request to deliver an electronicmessage by creating a message. This first network connected device maybe referred to hereinafter as the “sender.” An electronic message, asthat term is used herein, may comprise an e-mail, a text message, acontrol message, a packet, an electronic message comprising data, text,image, audio, or any combination thereof, or any electroniccommunication directed to be delivered to a specific device, series ofdevices, or other electronic address (such as an IP address). Anelectronic message need not contain any specific amount of information.It is again worth noting that the network connected device may compriseany of the devices so described above (in Section II), including devicesas varied as a mobile communications device or an e-mail server.

At block 904, the network connected device may receive a set of dataidentifying its location. As noted, the network connected device (i.e.,sender) may be directly or indirectly coupled with a receiver componentwhich enables the reception of location based information, such as a GPSreceiver. The location based information may be received by hardwarecoupled to, with, or otherwise integrated into the device. In certainembodiments, there is an authentication mechanism or other procedure,configured in hardware or software, to ensure that the electronicmessage has originated or is otherwise associated with valid locationbased data. Those skilled in the art will recognize the variety ofoptions to ensure validity, authentic location based data is linked tothe electronic message.

At block 906, the device may transmit, in a communications signal: 1)the set of data identifying the location of the device, and 2) theelectronic message, directed to a specific receiver. This transmissionmay comprise a delivery request. While the communications signal,location based data, and electronic message are described adequatelyabove, the term “receiver” may require further explanation. A receivermay comprise a second network connected device that is configured toreceive an electronic message. While many such devices may include an IPaddress or an IM address, and may often be delivered over a Network 125,any addressing scheme or electronic delivery system may suffice. Forexample, a receiver may comprise a recipient within a proprietaryelectronic message delivery system. As is known in the art, suchproprietary systems are widely available on a commercial basis. It isanticipated that electronic messaging systems will continue to evolve,and that the term receiver may comprise any second network connecteddevice configured to receive an electronic message.

At block 908, the Location Comparison Server 110 may receive the 1) setof data identifying the location of the sender, and 2) an identificationof the receiver to which the electronic message is directed. The Servermay also receive the contents of the message, or any communicationssignal, packet or set of packets which together comprise “the electronicmessage, directed to a specific receiver” transmitted by the sender.However, in various embodiments, the Server 110 may simply receive anidentification of the receiver without any additional content. This mayallow, for example, an e-mail server (or other intermediary) to querythe Location Comparison Server 110 without sending the contents of themessage. The identification may comprise an e-mail address, an IMaddress, an identifier unique to a receiver (as described elsewhere inthis Application), or any address or other identifier which provides fordelivery of an electronic message to the receiver. In differentembodiments, the Server 110 may store any of this received informationin an Unwanted Messaging database (“UM database”). In some embodiments,this UM database may comprise, or be a subset of, the Database 115.

At any time before, or after, the device transmission, a table ofreceivers (including the receiver to which the message is directed) maybe stored in the UM Database, at block 910. At block 912, different setsof filtering rules may be stored in the UM database, each set associatedwith one of the receivers. A filtering rule may comprise a rule, as thatterm is used elsewhere in this application. Various rules of each set offiltering rules may be associated with different geographic regions, asdiscussed in greater detail below.

Filtering rules may comprise allowing, blocking, or forwarding deliveryof an electronic message, or any other similar filtering or screeningprocess. For example, one rule may specify that the message should beforwarded to another server for preemptive e-mail protection. Anycombination of anti SPAM, SPIM, SPIT, virus and phishing services maycomprise a filtering rule. Attachment or content filtering may alsocomprise a filtering rule. For example, downloading of “adult” contentmay be limited for specified receivers in regions around schools,daycare centers, workplaces, etc. Other exemplary filtering rules maycomprise requesting more information from the sender, requiringregistration from the sender, or asking the receiver of the electronicmessage what action to take with the message. Yet another filtering rulemay comprise a message to the sender that a fee must be paid for thedelivery of the message, and an optional description or procedure forsuch payment. Those skilled in the art will recognize the wide varietyof filtering and screening rules that may be implemented, either aloneor in combination.

At block 914, a Location Comparison Server 110 may define limited (orunlimited) geographic regions in which a filtering rule is applicable byassociating rules with different geographic regions. For example, if areceiver was receiving a significant amount of SPAM from a certainlocation or region, a block filtering rule may be applied to thatlocation or region. Alternatively, an allow filtering rule may beapplied for regions associated with friends, work, clients, etc. Otherfiltering rules, of varying granularity, may be applied if the regionsare less known.

In some embodiments, filtering rules may be modified by a user of thereceiver associated with the set of filtering rules. The modificationmay be made from the receiver, or from another device via a webinterface or otherwise over a Network 135. In other embodiments, theinformation may be modified by a communications service provider, apreemptive e-mail protection service, or other entity, and suchmodifications may be made via a web interface or other connection. Theapplicable geographic regions may be similarly modified.

FIG. 9B shows a table 925, provided for exemplary purposes only,illustrating how the UM database content may be structured according tocertain embodiments of the invention. Contents of the table 925described below may, or may not, be stored in the UM database and,instead, may be stored elsewhere. The UM database may comprise a tableof receivers 930. The table shows a column 932 to illustrate how adelivery request is associated with a receiver. Such a delivery requestmay comprise an action request, as that term is used elsewhere. Eachreceiver in the table may also be associated with a set of filteringrules 934, as described above (e.g., Receiver₁ is associated withRules(X)_(1i,1ii,1iii,1iv), Receiver₂ is associated withRules(X)_(2i,2ii,2iii,2iv), etc.). Each filtering rule may also beassociated with limited (or unlimited) geographic regions 936, which mayindicate a limited sending area in which the filtering rule may beapplied for a receiver (e.g., Rule(X)_(1i), applicable in GeographicRegion(X)_(1i), Rule(X)_(1ii) applicable in Geographic Region(X)_(1ii),etc.). In some embodiments, for a given device, the applicable filteringrule 934 to be selected may be determined by the correlating 938 theassociated geographic region 936 and the location 940 from which theelectronic message was sent. In other embodiments, different comparisons938 between the location 940 of a sender and geographic regions 936 maybe made to determine the subset of user information 934 to betransmitted.

The specific manner in which a given geographic region may be determinedmay be incorporated in a rule, within an Application of the Server 110,or otherwise embodied on a computer-readable medium. In anotherembodiment, the database may comprise additional rules dictating how todetermine the geographic regions, as described throughout this detaileddescription. In some embodiments, a geographic region may be a specificlocation. In various embodiments, the boundaries of a geographic regionare determined automatically by the Location Comparison Server 110,wherein the Server 110 establishes the boundaries based on informationon unwanted communications received from the plurality of receivers.

Returning now to FIG. 9A, at block 916, the Location Comparison Server110 may bring the data together by correlating, via the receiveridentification, 1) the set of filtering rules, and 2) the location baseddata from the sender. At block 918, the Server 110 may select thefiltering rule applicable to the location of the sender, as describedabove. In some embodiments, the Server 110 may perform the selectedfiltering rule. Also, the Server 110 may store the selected filteringrules, any data associated with the selection, in the UM database orother database. In some embodiments, the Server 110 may select theboundaries of one or more of the geographic regions based, in part, onthe past selected filtering rules stored in the UM database. In someembodiments, the dashed region denoted by reference numeral 920 maycomprise the data created by the sending device, whereas the dashedregion denoted by reference numeral 922 may comprise the filtering rulesstored in the UM database. The Location Comparison Server 110 maycorrelate the information received from the sender 920 and theinformation in the UM database 922 to select the applicable filteringrule.

3. System to Filter Unwanted Communications based on Location andIdentifier: According to various embodiments of the invention, thefiltering rules specified above may also be limited in applicability toonly certain senders. The following discussion describes an exemplaryembodiment 950, illustrated in FIG. 9C, to show how such functionalitymay be implemented. A delivery request may also be associated with anidentifier unique to the sender (e.g., an identifier unique to thedevice sending the electronic message, or an identifier unique to thesender associated with the device (such as an e-mail or IM address)).The same alternative elements described above in Section VI. 2. may beapplicable to the following set of embodiments and, thus, the discussionwill be focused on the differences.

At block 952, a network connected device (“sender”) may initiate arequest to deliver an electronic message by creating a message. At block954, the network connected device may receive a set of data identifyingits location. At block 956, the device may transmit, in a communicationssignal: 1) the set of data identifying the location of the device, 2) anidentifier unique to the sender and 3) the electronic message, directedto a specific receiver. This transmission may comprise a deliveryrequest. At block 958, the Location Comparison Server 110 may receive,at least, the 1) set of data identifying the location of the sender, 2)an identifier unique to the sender, and 3) an identification of thereceiver to which the electronic message is directed.

At block 960, a table of receivers (including the receiver to which themessage is directed) may be stored in the UM Database. At block 962,different sets of filtering rules may be stored in the UM database, eachset associated with one of the receivers. Subsets of each set offiltering rules may apply only to certain senders. In some embodiments,each filtering rule may be applied only to a certain sender or group ofsenders. However, it is anticipated that it may be optimal in manycircumstances for a receiver to have some universal filtering rulesapplicable to all senders. At block 964, the Server 110 may define thesubsets of each set of rules with are applicable only to a specifiedsender. However, those skilled in the art will recognize that there aremany different ways in which the subsets may be selected. For instance,a receiver or service provider may make such determinations, and suchlimitations may be implemented or stored in the database in a variety ofways known in the art. In limiting the applicability of a rule to acertain sender, a sender may be specified by using an identifier uniqueto the sender.

At block 966, a Location Comparison Server 110 may define limited (orunlimited) geographic regions in which each filtering rule is applicableby associating rules with different geographic regions. Because afiltering rule may in some embodiments only apply to a certain sender,filter granularity of location and sender may be combined.

FIG. 9D shows a table 975, illustrating how the UM database content maybe structured according to certain embodiments of the invention, in amanner different than table 925. Contents of the table 975 describedbelow may, or may not, be stored in the UM database. The UM database maycomprise a table of receivers 976 who are intended recipients ofdelivery requests 978 (which include the identifier of a sender, notedas A, B, or C in the table 975). Each receiver in the table may also beassociated with a set of filtering rules 980, as described above (e.g.,Receiver₁ is associated with Rules(X)_(1Ai,1Aii,1Aiii,1Bi,1Bii),Receiver₂ is associated withRules(X)_(2Ai,2Aii,2Aiii,2Bi,2Bii,2Biii,2Biv), etc.). Each filteringrule may also be associated with only certain senders (e.g.,Rules(X)_(1Ai,1Aii,1Aiii) only applicable to sender A,Rules(X)_(1Bi,1Bii) only applicable to sender B, etc.). As above, eachfiltering rule may also be associated with limited (or unlimited)geographic regions 982, which may indicate a limited sending area inwhich the filtering rule may be applied for a receiver (e.g.,Rule(X)_(1Ai) applicable only in Geographic Region(X)_(1Ai),Rule(X)_(4Cii) applicable only in Geographic Region(X)_(4Cii), etc.). Insome embodiments, for a given device, the applicable filtering rule 980to be selected may be determined by correlating 984 the associatedgeographic region 982 and the location 986 from which the electronicmessage was sent (from the set of filtering rules applicable to thesender and receiver). In other embodiments, different comparisons 984between the location 986 of a sender and geographic regions 982 may bemade to determine the rule 980 to be selected.

Returning now to FIG. 9C, at block 968, the data may be brought togetherby correlating, via the receiver identification, 1) the subset offiltering rules applicable to the sender, and 2) the location based datafrom the sender. At block 970, the Server 110 may select the filteringrule applicable to the location of the sender, as described above.Having specifically described the system, it will be apparent to oneskilled in the art the variety of methods that may be used inconjunction with the system. One such exemplary method is describedbelow. The method can be used in a variety of systems, and other methodscan be used as well, as will be apparent to one skilled in the art inlight of this disclosure.

4. Method for Filtering Unwanted Communications: Certain embodiments ofthe invention comprise a method 990 for a plurality of receivers ofelectronic messages to avoid unwanted electronic communications. Anexample of such a method is illustrated in FIG. 9E. The followingelements are for exemplary purposes only, and may be usedinterchangeably with elements described elsewhere. At block 992, adatabase is maintained, and an example of such a database is illustratedat 115 in FIG. 1. The database may comprise a table of receivers, witheach receiver associated with different filtering rules which are eachapplicable in a limited geographic region.

At block 994, a communications signal from a network connected devicemay be received, comprising a set of data identifying the location ofthe device and an identification of the receiver. At block 996, afiltering rule is selected from the database, the rule being applicableto the receiver and the geographic region within which the sender islocated.

VII. Computing Device Structure: A device structure 1000 that may beused for any network connected device, mobile communications device,Location Comparison Server 110, Action Request Originator 120, or anyother computing device described herein is illustrated with theschematic diagram of FIG. 10. This drawing broadly illustrates howindividual system elements of each of the aforementioned devices may beimplemented, whether in a separated or more integrated manner. Theexemplary structure is shown comprised of hardware elements that areelectrically coupled via bus 1005, including processor(s) 1010 (whichmay further comprise a DSP or special-purpose processor), storagedevice(s) 1015, input device(s) 1020, and output device(s) 1025. Thestorage device(s) 1015 may comprise a computer-readable storage mediareader connected to any computer-readable storage medium, thecombination comprehensively representing remote, local, fixed, orremovable storage devices or storage media for temporarily or morepermanently containing computer-readable information. The GPS/OtherLocation Receiver 1050 may comprise any such receiver, whether separateor more integrated, that is configured to receive location based data asdescribed herein. The communications system 1045 may comprise a wired,wireless, or other type of interfacing connection that permits data tobe exchanged with other devices. The communications system(s) 1045 maypermit data to be exchanged with a network (including, withoutlimitation, the Network 125).

The structure 1000 may also comprise additional software elements, shownas being currently located within working memory 1030, including anoperating system 1035 and other code 1040, such as programs orapplications designed to implement methods of the invention. It will beapparent to those skilled in the art that substantial variations may beused in accordance with specific requirements. For example, customizedhardware might also be used, or particular elements might be implementedin hardware, software (including portable software, such as applets), orboth.

VIII. Conclusion: It should be noted that the methods, systems anddevices discussed above are intended merely to be exemplary in nature.It must be stressed that various embodiments may omit, substitute, oradd various procedures or components as appropriate. For instance, itshould be appreciated that in alternative embodiments, the methods maybe performed in an order different than that described, and that varioussteps may be added, omitted or combined. Also, features described withrespect to certain embodiments may be combined in various otherembodiments. Different aspects and elements of the embodiments may becombined in a similar manner. For example, while it has been emphasizedthat the systems and methods described in the II. Broad SystemArchitecture section, are applicable throughout, elements of theembodiments of each section may be combined, or otherwise used fordifferentiation. Also, it should be emphasized that technology evolvesand, thus, many of the elements are exemplary in nature and should notbe interpreted to limit the scope of the invention.

It should be noted that the methods, systems and devices discussed aboveare intended merely to be exemplary in nature. Specific details aregiven in the description to provide a thorough understanding of theembodiments. However, it will be understood by one of ordinary skill inthe art that the embodiments may be practiced without these specificdetails. For example, well-known circuits, processes, algorithms,structures, and techniques have been shown without unnecessary detail inorder to avoid obscuring the embodiments. Also, it is worth noting thattechnology evolves, and that terms should be interpreted accordingly.

Also, it is noted that the embodiments may be described as a processwhich is depicted as a flowchart, a flow diagram, a data flow diagram, astructure diagram, or a block diagram. Although a flowchart may describethe operations as a sequential process, many of the operations can beperformed in parallel or concurrently. In addition, the order of theoperations may be re-arranged. A process is terminated when itsoperations are completed, but could have additional steps not includedin the figure.

Moreover, as disclosed herein, the terms “storage medium” or “storagedevice” may represent one or more devices for storing data, includingread only memory (ROM), random access memory (RAM), magnetic RAM, corememory, magnetic disk storage mediums, optical storage mediums, flashmemory devices or other machine readable mediums for storinginformation. The term “computer-readable medium” includes, but is notlimited to, portable or fixed storage devices, optical storage devices,wireless channels, a sim card, other smart cards, and various othermediums capable of storing, containing or carrying instructions or data.

Furthermore, embodiments may be implemented by hardware, software,firmware, middleware, microcode, hardware description languages, or anycombination thereof. When implemented in software, firmware, middlewareor microcode, the program code or code segments to perform the necessarytasks may be stored in a machine readable medium such as a storagemedium. Processors may perform the necessary tasks.

Having described several embodiments, it will be recognized by those ofskill in the art that various modifications, alternative constructions,and equivalents may be used without departing from the spirit of theinvention. For example, the above rules may merely be a component of alarger system, wherein other rules may take precedence over or otherwisemodify the application of the rules. Also, a number of steps may berequired before the above rules are considered. By way of example, witha financial transaction, other preventative measures and authorizationsmay be used in conjunction with or apart from the rules providing forauthorization of a financial transaction. Accordingly, the abovedescription should not be taken as limiting the scope of the invention,which is defined in the following claims.

What is claimed is:
 1. A system for authorization of a transaction witha financial card, the system comprising: a mobile communications device,wherein the mobile communications device is configured to: receive a setof data identifying the location of the mobile communications device;and in response to a query from a location comparison server, transmit,via Internet Protocol over a data network, a communications signal fromthe mobile communications device to the location comparison server, thesignal comprising the set of data and an identifier unique to the mobilecommunications device; and a database which comprises a table ofidentifiers, wherein, each identifier in the table is unique to one of aplurality of mobile communications devices; each identifier in the tableis associated with at least one financial card number; and the table ofidentifiers includes the identifier unique to the mobile communicationsdevice; the location comparison server, in communication with the mobilecommunications device and the database, wherein the server is configuredto: receive the communications signal; store the set of data from thecommunications signal in the database; receive a request forauthorization of a transaction with a financial card number and dataidentifying the location of the transaction, wherein the financial cardnumber is associated with the identifier unique to the mobilecommunications device; and authorize the transaction when the databaseindicates that the mobile communications device is located withinlimited geographic regions, the regions determined at least in part bythe location of the transaction, wherein the one or more limitedgeographic regions at least encompass a home region of a user associatedwith the mobile communications device, and wherein authorizing thetransaction comprises: determining whether the request for authorizationof a transaction occurs within a first predetermined radial distancefrom the home region; determining whether the request for authorizationof a transaction occurs within a city in which the home region islocated; based on a determination that the request for authorization ofa transaction occurs within the first predetermined radial distance fromthe home region and occurs within the city in which the home region islocated, authorizing the transaction; based on a determination that therequest for authorization of a transaction does not occur within thefirst predetermined radial distance from the home region, determiningwhether the request for authorization of a transaction occurs within asecond predetermined radial distance from the location of thetransaction, the second predetermined radial distance beingsignificantly smaller than the first predetermined radial distance, andauthorizing the transaction in response to a determination that therequest for authorization of a transaction occurs within the secondpredetermined radial distance from the location of the transaction; anddeny the request for authorization of a transaction based on one of adetermination that the transaction occurs within the first predeterminedradial distance from the home region but occurs outside of the city inwhich the home region is located or a determination that the transactionoccurs outside the first predetermined radial distance from the homeregion and outside the second predetermined radial distance from thelocation of the transaction.
 2. The system of claim 1, wherein themobile communications device comprises a cellular phone.
 3. The systemof claim 1, wherein the set of data is received by hardware configuredto receive the set of data, wherein the hardware is coupled with thedevice.
 4. The system of claim 3, wherein the hardware configured toreceive the set of data comprises a GPS receiver.
 5. The system of claim1, wherein the identifier unique to the device is selected from thegroup consisting of: a MAC address, an IP address, a telephone number,and any combination thereof.
 6. The system of claim 1, wherein thefinancial card comprises a credit card.
 7. The system of claim 1,wherein the communications signal comprises more than one signal, eachsignal transmitted at different times.
 8. The system of claim 1, whereinthe request to authorize is transmitted from the device, and in thecommunications signal.
 9. The system of claim 1, wherein the request toauthorize is made by a person or entity other than a user of the device.10. The system of claim 9, wherein the request to authorize is made by aretail merchant.
 11. The system of claim 9, wherein the request toauthorize is made by a financial services company.
 12. The system ofclaim 1, wherein the authorize step comprises validating the location ofthe device.
 13. The system of claim 1, wherein a size and shape of thelimited geographic regions are variable with time.
 14. The system ofclaim 13, wherein the limited geographic regions are further determinedby the location of the device.
 15. The system of claim 1, wherein theserver will authorize the transaction if the database indicates that thedevice and the transaction are each located within one of the limitedgeographic regions.
 16. The system of claim 1, wherein an identifier inthe table associated with the device is further associated with aspecified maximum allowed distance between the location of the deviceand a location of the transaction, and the server will authorize thetransaction if the database indicates that the device and thetransaction are within the specified maximum allowable distance.
 17. Thesystem of claim 16, wherein the identifier in the table associated withthe device is further associated with a plurality of specified maximumallowed distances, including a first specified maximum allowed distancewhen the device is in a first specified location and a second specifiedmaximum allowed distance when the device is in a second specifiedlocation.
 18. The system of claim 17, wherein the first specifiedlocation is a home location of a user of the device, and wherein thesecond specified location is a work location of a user of the device.19. The system of claim 18, the other rules are established by afinancial services company associated with the financial card number.20. The system of claim 1, wherein the server will not authorize thetransaction because the database indicates that the device and thetransaction are not each located within one of the limited geographicregions.
 21. The system of claim 1, wherein the database furthercomprises other rules associated with each identifier in the table, therules dictating how the location of the transaction will determine thelimited geographic regions.
 22. The system of claim 1, wherein thedatabase further comprises user preferences associated with eachidentifier in the table, the user preferences dictating how the locationof the transaction will define the limited geographic regions.
 23. Amethod for authorization of a transaction with a financial card, themethod comprising: maintaining a database which comprises a table ofidentifiers, wherein, each identifier in the table is unique to one of aplurality of mobile communications devices; and each identifier in thetable is associated with at least one financial card number; querying,with a location comparison server, one mobile communications device ofthe plurality of mobile communication devices for location information;receiving, at the location comparison server via Internet Protocol overa data network, a communications signal from the one mobilecommunications device of the plurality of mobile communications devicesin response to the query, the signal including information comprising aset of data identifying the location of the one mobile communicationsdevice and an identifier unique to the one mobile communications device;storing the set of data in the database; receiving a request forauthorization of a transaction with a financial card number and dataidentifying the location of the transaction, wherein the financial cardnumber is associated with the identifier unique to the one mobilecommunications device; and authorizing the transaction when the databaseindicates that the one mobile communications device is located withinlimited geographic regions, the regions determined at least in part bythe location of the transaction, wherein the one or more limitedgeographic regions at least encompass a home region of a user associatedwith the mobile communications device, and wherein authorizing thetransaction comprises: determining whether the request for authorizationof a transaction occurs within a first predetermined radial distancefrom the home region; determining whether the request for authorizationof a transaction occurs within a city in which the home region islocated; based on a determination that the request for authorization ofa transaction occurs within the first predetermined radial distance fromthe home region and occurs within the city in which the home region islocated, authorizing the transaction; based on a determination that therequest for authorization of a transaction does not occur within thefirst predetermined radial distance from the home region, determiningwhether the request for authorization of a transaction occurs within asecond predetermined radial distance from the location of thetransaction, the second predetermined radial distance beingsignificantly smaller than the first predetermined radial distance, andauthorizing the transaction in response to a determination that therequest for authorization of a transaction occurs within the secondpredetermined radial distance from the location of the transaction; anddenying the request for authorization of a transaction based on one of adetermination that the transaction occurs within the first predeterminedradial distance from the home region but occurs outside of the city inwhich the home region is located or a determination that the transactionoccurs outside the first predetermined radial distance from the homeregion and outside the second predetermined radial distance from thelocation of the transaction.
 24. A computer program embodied on at leastone non-transitory computer readable medium, the computer programcomprising instructions executable by a computer to: maintain a databasewhich comprises a table of identifiers, wherein, each identifier in thetable is unique to one of a plurality of mobile communications devices;and each identifier in the table is associated with at least onefinancial card number; query one mobile communications device of theplurality of mobile communication devices for location information;receive, via Internet Protocol via a data network, a communicationssignal from one mobile communications device of the plurality of mobilecommunications devices in response to the query, the signal includinginformation comprising a set of data identifying the location of the onemobile communications device and an identifier unique to the one mobilecommunications device; store the set of data in the database; receive arequest for authorization of a transaction with a financial card numberand data identifying the location of the transaction, wherein thefinancial card number is associated with the identifier unique to theone mobile communications device; and authorize the transaction when thedatabase indicates that the one mobile communications device is locatedwithin limited geographic regions, the regions determined at least inpart by the location of the transaction, wherein the one or more limitedgeographic regions at least encompass a home region of a user associatedwith the mobile communications device, and wherein authorizing thetransaction comprises: determining whether the request for authorizationof a transaction occurs within a first predetermined radial distancefrom the home region; determining whether the request for authorizationof a transaction occurs within a city in which the home region islocated; based on a determination that the request for authorization ofa transaction occurs within the first predetermined radial distance fromthe home region and occurs within the city in which the home region islocated, authorizing the transaction; based on a determination that therequest for authorization of a transaction does not occur within thefirst predetermined radial distance from the home region, determiningwhether the request for authorization of a transaction occurs within asecond predetermined radial distance from the location of thetransaction, the second predetermined radial distance beingsignificantly smaller than the first predetermined radial distance, andauthorizing the transaction in response to a determination that therequest for authorization of a transaction occurs within the secondpredetermined radial distance from the location of the transaction; anddeny the request for authorization of a transaction based on one of adetermination that the transaction occurs within the first predeterminedradial distance from the home region but occurs outside of the city inwhich the home region is located or a determination that the transactionoccurs outside the first predetermined radial distance from the homeregion and outside the second predetermined radial distance from thelocation of the transaction.